The Embedded Developer’s Guide to Windows IoT Restoration Methods


I am working on an embedded system project that will operate on Windows IoT Enterprise as the primary operating system. The system’s drive will be partitioned, with the OS and loader application secured under a Unified Write Filter profile, while the second partition will be allocated for mutable game data.

I am currently evaluating different methods for creating a restore disk. The options I am considering are:

1. Creating a WIM image of both the OS and Game drives, allowing restoration through a dedicated program/script or using an autounattend.xml file.

2. Utilizing an autounattend.xml file to automate the installation process as much as possible, followed by running a script that would apply write protection to the drive as necessary.

3. Implementing an autounattend.xml file during installation, complemented by USB provisioning for account and setting creation.

While all three methods appear to achieve similar outcomes with minimal differences in drawbacks, I am considering the ease of OS updates. Although the device is not expected to require frequent updates and the OS drive is not subject to change during operation, I am questioning the additional benefits of using autounattend.xml and provisioning.

After reviewing Microsoft’s Learn portal, I understand that a more dynamic approach may be advantageous, especially in scenarios where the computer system is provided by the end user rather than by myself.

My inquiry is about the intended applications for these scenarios. What are the potential strengths and weaknesses that I might be overlooking? Additionally, does Microsoft have a recommended approach among these options?

To provide further context, I plan to utilize the embedded mode’s custom shell. While USB provisioning supports this feature, the Learn portal indicates that it cannot be set prior to the Out-of-Box Experience (OOBE), which could pose a challenge.

Thank you for your assistance.


When it comes to setting up an embedded system with Windows IoT Enterprise, ensuring a reliable and efficient restoration process is crucial. The primary goal is to create a system that is both secure and easy to maintain, especially in environments where the system may be handled by end users with varying levels of technical expertise.

Creating a Windows Imaging Format (WIM) image for both the OS and game drives is a robust solution. It allows for a complete system restore from a known good state. The use of a dedicated program or script, possibly with an `autounattend.xml` file, can streamline the restoration process. However, this method may not be as dynamic as others, potentially complicating updates and changes to the system.


  • Comprehensive restoration capability.
  • Can be automated for ease of use.


  • Less flexibility for updates.
  • Requires additional storage for image files.

Option 2: Autounattend.xml with Scripting

Leveraging an `autounattend.xml` file to minimize user input during installation, followed by a script to enable write protection, offers a semi-automated approach. This method simplifies the initial setup but may require manual intervention for updates or changes.


  • Reduces the need for user interaction during setup.
  • Scripting can add custom post-installation configurations.


  • Potential need for manual updates.
  • Script maintenance and complexity.

Option 3: Autounattend.xml with USB Provisioning

Using `autounattend.xml` during installation, complemented by USB provisioning, provides a balance between automation and customization. This method facilitates account and setting creation post-installation, which can be particularly useful when systems are supplied by end users.


  • Dynamic account and setting management.
  • Suitable for diverse end-user environments.


  • OOBE limitations for custom shell settings.
  • USB provisioning process may be less familiar to some users.

Microsoft’s Recommendation

While Microsoft provides various tools and documentation to support these methods, there is no one-size-fits-all recommendation. The choice largely depends on the specific requirements of the project and the environment in which the embedded system will operate.

Considerations for Custom Shell Usage

For projects planning to use the embedded mode’s custom shell, it’s important to consider the OOBE restrictions. If USB provisioning cannot set the custom shell before OOBE, alternative methods or additional scripting may be necessary to achieve the desired configuration.

In conclusion, each restoration method has its own set of strengths and weaknesses. The decision should be based on the project’s unique needs, the frequency of expected updates, and the level of control required over the restoration process. A more dynamic approach, such as USB provisioning, may offer greater flexibility, especially in scenarios involving end-user supplied systems. Ultimately, the best solution will align with the project’s goals, providing a secure, maintainable, and user-friendly experience.

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Terms Contacts About Us